Spaces:
Sleeping
Sleeping
Commit
·
7911e9c
1
Parent(s):
e82805c
changes
Browse files
app.py
CHANGED
|
@@ -71,7 +71,19 @@ def set_api_key():
|
|
| 71 |
def generate_notebook_route():
|
| 72 |
# SECURITY FIX: Only use session API key, never a global one
|
| 73 |
api_key = session.get("api_key") if "api_key" in session else None
|
| 74 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 75 |
if not api_key:
|
| 76 |
logger.warning("Generate notebook request without API key")
|
| 77 |
return jsonify({"success": False, "message": "API key not set - please set your API key in the settings"}), 401
|
|
|
|
| 71 |
def generate_notebook_route():
|
| 72 |
# SECURITY FIX: Only use session API key, never a global one
|
| 73 |
api_key = session.get("api_key") if "api_key" in session else None
|
| 74 |
+
|
| 75 |
+
# Fallback: check URL parameter for API key if not set in session
|
| 76 |
+
if not api_key:
|
| 77 |
+
api_key_param = request.args.get('api_key_param')
|
| 78 |
+
if api_key_param:
|
| 79 |
+
try:
|
| 80 |
+
genai.configure(api_key=api_key_param)
|
| 81 |
+
model = genai.GenerativeModel("gemini-2.0-pro-exp-02-05")
|
| 82 |
+
session["api_key"] = api_key_param
|
| 83 |
+
api_key = api_key_param
|
| 84 |
+
logger.info("API key set from URL parameter in generate_notebook_route")
|
| 85 |
+
except Exception as e:
|
| 86 |
+
logger.error(f"API key validation error from URL parameter in generate_notebook_route: {str(e)}")
|
| 87 |
if not api_key:
|
| 88 |
logger.warning("Generate notebook request without API key")
|
| 89 |
return jsonify({"success": False, "message": "API key not set - please set your API key in the settings"}), 401
|